They could but if you use it to establish an SSL session it has to be a 'personal certificate' in the browser store and the process of getting it into the browser will fox most IT people never mind mom and pops. Also browser versions, service packs and the weather all mean that there are millions of permutations of problems. Certificate management is the killer - if you look at how Landonline works it uses this approach as its a closed group of users and the cert mgmnt issues is less. Certs in retail banking have always caused big problems/high support costs. Colin. Russell Sharpe wrote:
I agree,
I'm not a application Security expert, but why can the banks issue a authentication Certificate, and only allow connections to those who are authenticated?
Russell Sharpe rsharpe(a)paradise.net.nz Ph +64 4 9717665, +64 21 742 773 Fax +64 4 9717635, +64 21 342 776
-----Original Message----- From: Craig Whitmore [mailto:lennon(a)orcon.net.nz] Sent: Monday, 19 September 2005 17:52 To: Matthew Poole; nznog(a)list.waikato.ac.nz Subject: Re: [nznog] New phish - Westpac
Banks should be proactive in these type of things. westpacs phish would of been stopped if they had SPF records.
Quite a number of Banks in the States and other places have started to put SPF records in to stop this phishing (This is what SPF is used for (not Anti-Spam)) The IRD/SSC/Treasury (the 3 most important NZ government areas) have SPF records (and they use -all which is good).
Before you reply. I've heard all the Anti-SPF abuse before. Yes it can break forwarding, but people shouldn't forward without your permission (and then you change your SPF records to allow this)
Thanks Craig http://www.spam.co.nz/spf
----- Original Message ----- From: "Matthew Poole"
To: Sent: Monday, September 19, 2005 5:31 PM Subject: Re: [nznog] New phish - Westpac _______________________________________________ NZNOG mailing list NZNOG(a)list.waikato.ac.nz http://list.waikato.ac.nz/mailman/listinfo/nznog
_______________________________________________ NZNOG mailing list NZNOG(a)list.waikato.ac.nz http://list.waikato.ac.nz/mailman/listinfo/nznog
-- *Colin Slater* Director Securify NZ Ltd IT Security and Risk Management *p*: 021 190 1112 *e*: colin.slater(a)securify.co.nz *w*: www.securify.co.nz